PDA

View Full Version : List of common things viruses screw with


RegEdit
04-26-2010, 10:23 PM
What are some of the most common things that viruses attack? What functionality do you check on when making sure that a machine is fixed?

- broken file associations
- start button, start menu, task bar gone
- add/remove programs will not populate

Squeak
04-27-2010, 02:09 AM
-Home page
-Internet browser settings (mostly IE)
-Task manager
-Network settings (IPv4, UDP, file sharing settings)
-Network shares
-Antivirus programs
-Media player
-Messenger programs
-OS startup
-Regerstering IE .dll files
-Various missing Dll or system files
-Various services not starting when they should
-Remote access disabled (get alot of this at work, makes accessing a computer on the other side of the campus annoying)
-DNS cache poisoning or having your DNS server completely changed (could fall under Network settings I suppose but meh).

edited here

-Flash player disabled/not working
-Java disabled/not working

All I can think of off the top of my head.

vdub12
04-27-2010, 05:17 AM
I had one today redirect internet traffic with a proxy setting in IE that shot it back through local host. made internet not work once virus was removed. Easy fix though.

RegEdit
04-27-2010, 06:27 AM
I had one today redirect internet traffic with a proxy setting in IE that shot it back through local host. made internet not work once virus was removed. Easy fix though.
What was the fix for that?

vdub12
04-27-2010, 06:43 AM
What was the fix for that?

Internet settings, connections, disable proxy and re-enable automatic settings. All it did was set a proxy that directed traffic to 127.0.0.1:5555

Techs on Deck
04-27-2010, 03:01 PM
Hosts file
Regedit
IE Trusted Zone
Firewall settings/exceptions

iisjman07
04-27-2010, 03:21 PM
Can't see wallpaper restrictions anywhere...

RegEdit
04-27-2010, 07:43 PM
Can't see wallpaper restrictions anywhere...
And what is the fix?

Perhaps registry changes as described here...
http://www.askvg.com/how-to-prevent-users-from-changing-desktop-wallpaper-in-windows/

vdub12
04-28-2010, 03:32 AM
This is another reason why I like to infect VM's so I can play with strange post infection problems and get the computer running correctly again.

Sometimes I will infect a VM fix it infect it with something else. After doing this a few ties other problems will show up that would not normally. I don't always start with a clean snapshot.

Vicenarian
05-12-2010, 10:23 PM
Ok, so far we have:

-Home page
-Internet browser settings (mostly IE) e.g. proxy, etc. etc. Check everything.
-Task manager
-Network settings (IPv4, UDP, file sharing settings)
-Network shares
-Antivirus programs
-Media player
-Messenger programs
-OS startup
-Regerstering IE .dll files (check with Winpatrol, and for BHO, etc. other misc. stuff)
-Various missing Dll or system files
-Various services not starting when they should
-Remote access disabled (get alot of this at work, makes accessing a computer on the other side of the

campus annoying)
-DNS cache poisoning or having your DNS server completely changed (could fall under Network settings I

suppose but meh). (Reset LMHOSTS)?
-Flash player disabled/not working
-Java disabled/not working
- Hosts file
- Regedit
- IE Trusted Zone
- Firewall settings/exceptions



Can anybody add any others?

RegEdit
05-12-2010, 10:54 PM
But how many of these disabled services ( Vicenarian lists ) are actually just broken file associations that are usually fixed in one fall swoop using techniques like these below?

We need to create a page of fixes for the most common things that get damaged....

Creates usable copies of REGEDIT, MSCONFIG and Task Manager:
http://www.dougknox.com/xp/utils/xp_emerutils.htm

Restore task Bar after system damage:
http://www.kztechs.com/sreng/sreng2.zip

Fixes .exe file associations (XP)
http://windowsxp.mvps.org/exefile.htm

File association Fixer 1.0 for Vista and 7:
http://www.soft82.com/download/windows/file-association-fixer/
http://www.winhelponline.com/articles/165/1/Restore-the-exe-file-association-in-Windows-Vista-after-incorrectly-associating-it-with-another-application.html

If Start Button, Start Menu, Task Bar, are all gone:
http://www.ehow.com/how_4915809_start-menu-start-button-taskbar.html

Vicenarian
05-13-2010, 01:59 AM
But how many of these disabled services ( Vicenarian lists ) are actually just broken file associations that are usually fixed in one fall swoop using techniques like these below?

We need to create a page of fixes for the most common things that get damaged....

Creates usable copies of REGEDIT, MSCONFIG and Task Manager:
http://www.dougknox.com/xp/utils/xp_emerutils.htm

Restore task Bar after system damage:
http://www.kztechs.com/sreng/sreng2.zip

Fixes .exe file associations (XP)
http://windowsxp.mvps.org/exefile.htm

File association Fixer 1.0 for Vista and 7:
http://www.soft82.com/download/windows/file-association-fixer/
http://www.winhelponline.com/articles/165/1/Restore-the-exe-file-association-in-Windows-Vista-after-incorrectly-associating-it-with-another-application.html

If Start Button, Start Menu, Task Bar, are all gone:
http://www.ehow.com/how_4915809_start-menu-start-button-taskbar.html

^^ Exactly. I think we could really use something like this. A one-stop thread with all the various fixes that need to be applied after virus removal.

RegEdit
05-13-2010, 02:54 AM
This site is also helpful for fixing registry errors.
I use Ctrl + F to find specific key words on this page (ex- taskbar)...
http://www.kellys-korner-xp.com/xp_tweaks.htm